Slsa

box in rain

Episode 376 - Open Source Summit, who built your open source, and AI

Josh and Kurt talk about the Open Source Summit in Vancouver. Josh was there and we pick on two observations. Firstly that security keeps trying to use fear as a feature, except it doesn’t work. Secondly we discuss AI and how people are talking about it. It is changing things, how much is yet to be seen. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_376_Open_Source_Summit_who_built_your_open_source_and_AI.mp3 Show Notes SLSA FRSCA S2C2F MSI leak Intel microcode Tom Scott AI Video

May 22, 2023
chain-5090999_1920

Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What’s currently going on in this space and what sort of new thing scan we look forward to? We discuss Google’s open source use, Project Sigstore, the SLSA framework and more. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_286_Open_source_supply_chain_with_Googles_Dan_Lorenc.mp3 Show Notes Dan’s Twitter Sigstore SLSA Framework

August 30, 2021